CVE-2021-35036
First published: Tue Mar 01 2022(Updated: )
A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file.
Credit: security@zyxel.com.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zyxel AX7501-B0 | <5.17\(abpc.2\)c0 | |
| Zyxel AX7501-B0 firmware | ||
| Zyxel Dx3301-t0 Firmware | <5.50\(abvy.3\)c0 | |
| Zyxel Dx3301-t0 Firmware | ||
| Zyxel DX5401-B0 | <5.17\(abyo.2\)c0 | |
| Zyxel DX5401-B0 firmware | ||
| Zyxel Emg3525-T50B Firmware | <5.50\(abpm.7\)c0 | |
| Zyxel Emg3525-T50B Firmware | ||
| Zyxel Emg5523-T50B | <5.50\(abpm.7\)c0 | |
| Zyxel Emg5523-T50B | ||
| Zyxel EMG5723-T50K Firmware | <5.50\(abom.8\)c0 | |
| Zyxel EMG5723-T50K Firmware | ||
| Zyxel Ep240p Firmware | <5.40\(abvh.0\)c0a03 | |
| Zyxel EP240P | ||
| Zyxel Ex5401-b0 | <5.17\(abyo.2\)c0 | |
| Zyxel Ex5401-b0 Firmware | ||
| Zyxel Ex5501-b0 | <5.17\(abry.3\)c0 | |
| Zyxel Ex5501-b0 Firmware | ||
| Zyxel LTE3301-M209 | <1.00\(abqu.6\)c0 | |
| Zyxel Lte3301-plus | ||
| Zyxel Lte5388-m804 Firmware | <1.00\(abra.6\)c0 | |
| Zyxel Lte5388-m804 Firmware | ||
| Zyxel Lte5388-s905 Firmware | <1.00\(abvi.6\)c0 | |
| Zyxel Lte5388-s905 Firmware | ||
| Zyxel Lte5398-m904 Firmware | <1.00\(abqv.2\)c0 | |
| Zyxel Lte5398-m904 Firmware | ||
| Zyxel Lte7240-m403 Firmware | <2.00\(abmg.6\)c0 | |
| Zyxel Lte7240-m403 | ||
| Zyxel Lte7461-m602 Firmware | <2.00\(abqn.6\)c0 | |
| Zyxel Lte7461-m602 | ||
| Zyxel LTE7480-M804 | <1.00\(abra.6\)c0 | |
| Zyxel Lte7480-m804 Firmware | ||
| Zyxel Lte7480-s905 Firmware | <2.00\(abqt.6\)c0 | |
| Zyxel Lte7480-s905 Firmware | ||
| Zyxel Lte7485-s905 Firmware | <1.00\(abvn.6\)c0 | |
| Zyxel Lte7485-s905 | ||
| Zyxel LTE7490-M804 | <v1.00\(abqy.5\)c0 | |
| Zyxel LTE7490-M804 | ||
| Zyxel Nr5101 Firmware | <1.00\(abvc.6\)c0 | |
| Zyxel Nr5101 | ||
| Zyxel NR7101 Firmware | <1.00\(abuv.7\)c0 | |
| Zyxel NR7101 Firmware | ||
| Zyxel Nr7102 Firmware | <1.00\(abyd.2\)c0 | |
| Zyxel Nr7102 | ||
| Zyxel Pm7300-t0 Firmware | <5.42\(acbc.1\)c0 | |
| Zyxel Pm7300-t0 | ||
| Zyxel Pmg5317-t20b Firmware | <5.40\(abki.4\)c0 | |
| Zyxel Pmg5317-t20b | ||
| Zyxel Pmg5617-t20b2 Firmware | <5.41\(acbb.1\)c0 | |
| Zyxel Pmg5617-t20b2 | ||
| Zyxel Pmg5617ga Firmware | <5.40\(abna.2\)c0 | |
| Zyxel Pmg5617ga | ||
| Zyxel Pmg5622ga Firmware | <5.40\(abnb.2\)c0 | |
| Zyxel Pmg5622ga | ||
| Zyxel VMG3625-T50B firmware | <5.50\(abtl.0\)b2r | |
| Zyxel VMG3625-T50B | ||
| Zyxel Vmg3927-t50k Firmware | <5.50\(abom.8\)c0 | |
| Zyxel Vmg3927-t50k | ||
| Zyxel Vmg8623-t50b Firmware | <5.50\(abpm.7\)c0 | |
| Zyxel Vmg8623-t50b | ||
| Zyxel VMG8825-T50K firmware | <5.50\(abom.8\)c0 | |
| Zyxel VMG8825-T50K | ||
| Zyxel VMG3625-T50B firmware | <5.50\(accr.0\)b4 | |
| Zyxel VMG3625-T50B firmware | <5.50\(abpm.7\)c0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-35036?
CVE-2021-35036 has a medium severity rating due to the potential exposure of sensitive information.
How do I fix CVE-2021-35036?
To fix CVE-2021-35036, update your Zyxel VMG3625-T50B firmware to the latest version provided by Zyxel.
What types of devices are affected by CVE-2021-35036?
CVE-2021-35036 primarily affects the Zyxel VMG3625-T50B firmware and other related Zyxel firmware versions.
What kind of data could be exposed due to CVE-2021-35036?
CVE-2021-35036 could expose sensitive information stored in the configuration file of the affected device.
Is there a workaround for CVE-2021-35036?
There is no official workaround for CVE-2021-35036, and the best course of action is to update the firmware.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/event
- agent/first-publish-date
- agent/description
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/zyxel
- canonical/zyxel ax7501-b0
- canonical/zyxel ax7501-b0 firmware
- canonical/zyxel dx3301-t0 firmware
- canonical/zyxel dx5401-b0
- canonical/zyxel dx5401-b0 firmware
- canonical/zyxel emg3525-t50b firmware
- canonical/zyxel emg5523-t50b
- canonical/zyxel emg5723-t50k firmware
- canonical/zyxel ep240p firmware
- canonical/zyxel ep240p
- canonical/zyxel ex5401-b0
- canonical/zyxel ex5401-b0 firmware
- canonical/zyxel ex5501-b0
- canonical/zyxel ex5501-b0 firmware
- canonical/zyxel lte3301-m209
- canonical/zyxel lte3301-plus
- canonical/zyxel lte5388-m804 firmware
- canonical/zyxel lte5388-s905 firmware
- canonical/zyxel lte5398-m904 firmware
- canonical/zyxel lte7240-m403 firmware
- canonical/zyxel lte7240-m403
- canonical/zyxel lte7461-m602 firmware
- canonical/zyxel lte7461-m602
- canonical/zyxel lte7480-m804
- canonical/zyxel lte7480-m804 firmware
- canonical/zyxel lte7480-s905 firmware
- canonical/zyxel lte7485-s905 firmware
- canonical/zyxel lte7485-s905
- canonical/zyxel lte7490-m804
- canonical/zyxel nr5101 firmware
- canonical/zyxel nr5101
- canonical/zyxel nr7101 firmware
- canonical/zyxel nr7102 firmware
- canonical/zyxel nr7102
- canonical/zyxel pm7300-t0 firmware
- canonical/zyxel pm7300-t0
- canonical/zyxel pmg5317-t20b firmware
- canonical/zyxel pmg5317-t20b
- canonical/zyxel pmg5617-t20b2 firmware
- canonical/zyxel pmg5617-t20b2
- canonical/zyxel pmg5617ga firmware
- canonical/zyxel pmg5617ga
- canonical/zyxel pmg5622ga firmware
- canonical/zyxel pmg5622ga
- canonical/zyxel vmg3625-t50b firmware
- canonical/zyxel vmg3625-t50b
- canonical/zyxel vmg3927-t50k firmware
- canonical/zyxel vmg3927-t50k
- canonical/zyxel vmg8623-t50b firmware
- canonical/zyxel vmg8623-t50b
- canonical/zyxel vmg8825-t50k firmware
- canonical/zyxel vmg8825-t50k